HybridFlow::getResponseTypes() - Code Metrics - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

HybridFlow::getResponseTypes() A
last analyzed 2018-06-23 21:42 UTC

↳ Parent: HybridFlow
Complexity

Conditions	1
Paths	1
Size

Total Lines
Duplication

Lines	0
Ratio	0 %
Importance

Changes
Metric	Value
cc	1
nc	1
nop	0
dl	0
loc	3
rs	10
c	0
b	0
f	0
<?php
/**
 * Created by PhpStorm.
 * User: Alexandre
 * Date: 18/02/2018
 * Time: 18:08
 */

namespace OAuth2\Extensions\OpenID\AuthorizationGrantTypes\Flows;


use OAuth2\Endpoints\Authorization\AuthorizationRequestInterface;
use OAuth2\Endpoints\AuthorizationEndpoint;
use OAuth2\Endpoints\TokenEndpoint;

use OAuth2\Extensions\OpenID\Credentials\AuthorizationCodeInterface;
use OAuth2\Extensions\OpenID\IdTokenManager;
use OAuth2\AuthorizationGrantTypes\Flows\FlowInterface;
use OAuth2\Storages\AuthorizationCodeStorageInterface;
use OAuth2\Storages\AccessTokenStorageInterface;
use OAuth2\Storages\RefreshTokenStorageInterface;


class HybridFlow implements FlowInterface
{
    /**
     * @var AuthorizationCodeStorageInterface
     */
    private $authorizationCodeStorage;
    /**
     * @var AccessTokenStorageInterface
     */
    private $accessTokenStorage;
    /**
     * @var IdTokenManager
     */
    private $idTokenManager;

    public function __construct(AuthorizationCodeStorageInterface $authorizationCodeStorage,
                                AccessTokenStorageInterface $accessTokenStorage,
                                RefreshTokenStorageInterface $refreshTokenStorage,
                                /** @scrutinizer ignore-unused */ RefreshTokenStorageInterface $refreshTokenStorage,
                                IdTokenManager $idTokenManager)
    {
        // TODO get authorization code flow in parameter to delegate grant type authorization_code
        $this->authorizationCodeStorage = $authorizationCodeStorage;
        $this->accessTokenStorage = $accessTokenStorage;
        $this->idTokenManager = $idTokenManager;
    }

    public function getResponseTypes(): array
    {
        return ['code id_token', 'code token', 'code id_token token'];
    }

    /**
     * @param AuthorizationEndpoint $authorizationEndpoint
     * @param array $requestData
     */
    public function verifyAuthorizationRequest(AuthorizationEndpoint $authorizationEndpoint, array $requestData)
    public function verifyAuthorizationRequest(/** @scrutinizer ignore-unused */ AuthorizationEndpoint $authorizationEndpoint, array $requestData)
    {
    }

    public function handleAuthorizationRequest(AuthorizationRequestInterface $authorizationEndpoint): array
    {
        if (!$authorizationEndpoint instanceof \OAuth2\Extensions\OpenID\Endpoints\AuthorizationEndpoint) {
            throw new \InvalidArgumentException();
        }

        $result = [];
        $idTokenClaims = [];
        $responseTypes = explode(' ', $authorizationEndpoint->getData()['response_type']);
        if (in_array('code', $responseTypes)) {
//            $resourceOwnerClaims = $authorizationEndpoint->getResourceOwner()->getClaims($authorizationEndpoint->getScopes());

//            $idTokenTokenEndpoint = $this->idTokenManager->issueIdToken(
//                $authorizationEndpoint->getClient(),
//                $authorizationEndpoint->getResourceOwner(),
//                $resourceOwnerClaims
//            );

            $authorizationCode = $this->authorizationCodeStorage->generate(
                $authorizationEndpoint->getScopes(),
                $authorizationEndpoint->getClient()->getIdentifier(),
                $authorizationEndpoint->getResourceOwner()->getIdentifier(),
                $requestData['scope'] ?? null,

                $requestData['redirect_uri'] ?? null
//                $idTokenTokenEndpoint
            );

            if (!$authorizationCode instanceof AuthorizationCodeInterface) {
                throw new \InvalidArgumentException();
            }

            $idTokenClaims['c_hash'] = $this->idTokenManager->getCodeHash(
                $authorizationEndpoint->getClient(), $authorizationCode);
            $result['code'] = $authorizationCode->getCode();
        }

        if (in_array('token', $responseTypes)) {
            $accessToken = $this->accessTokenStorage->generate(
                $authorizationEndpoint->getScopes(),
                $authorizationEndpoint->getClient()->getIdentifier(),
                $authorizationEndpoint->getResourceOwner()->getIdentifier()
            );

            $idTokenClaims['at_hash'] = $this->idTokenManager->getAccessTokenHash(
                $authorizationEndpoint->getClient(), $accessToken);
            $result['access_token'] = $accessToken->getToken();
        }

        if (in_array('id_token', $responseTypes)) {
            $result['id_token'] = $this->idTokenManager->issueIdToken(
                $authorizationEndpoint->getClient(),
                $authorizationEndpoint->getResourceOwner(),
                /** @scrutinizer ignore-type */ $authorizationEndpoint->getResourceOwner(),
                $idTokenClaims
            );
        }

        return $result;
    }

    public function getDefaultResponseMode(): string
    {
        return 'fragment';
    }

    public function getUnsupportedResponseModes(): array
    {
        return ['query'];
    }

    public function isRegistrationOfRedirectUriRequired(): bool
    {
        return true;
    }

    public function getGrantTypes(): array
    {
        return [];
    }

    public function handleAccessTokenRequest(TokenEndpoint $tokenEndpoint, array $requestData): array
    {
        return [];
    }
}
php-guard / oauth-server

HybridFlow::getResponseTypes() A last analyzed 2018-06-23 21:42 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

HybridFlow::getResponseTypes() A
last analyzed 2018-06-23 21:42 UTC
